Google Security Researcher Reveals Android WiFi Security Flaw, iOS 10.3.1 Patched

A Google Project Zero researcher has found some critical vulnerabilities including a remote code execution in Broadcom’s Wi-Fi system-on-chip (SoC) which if exploited can allow attackers to compromise smartphone devices like iOS and Android devices.

In a blog post by the researcher, Gal Beniamini, he revealed that a hacker within the range of a shared WiFi network will potentially be able to execute arbitrary code on a targeted device. This ultimately resulted in a full device takeover just through WiFi alone and requires no user interaction, meaning that the victim doesn’t need to click a link or download a file for this hack to work.

“We’ve seen that while the firmware implementation on the Wi-Fi SoC is incredibly complex, it still lags behind in terms of security,” writes Beniamini. “Specifically, it lacks all basic exploit mitigations—including stack cookies, safe unlinking and access permission protection (by means of [a memory protection unit.])”

Before you panic, we should note that Apple has since addressed the flaw with the release of iOS 10.3.1. Unfortunately for Android users, ArsTechnica writes, “As is all too often the case for Android users, there’s no easy way to get a fix immediately, if at all. That’s because Google continues to stagger the release of its monthly patch bundle for the minority of devices that are eligible to receive it.”

Thankfully this hack exists as a proof-of-concept right now as there has been no proof that it has been used in real life, but hopefully for the sake of Android users, Google and Android OEMs will release a patch to address this bug in the near future.

World-traveling, tech-savvy, music-producing writer obsessed with all things Apple, video games, and the finer things in life, e.g. mezcal and tacos. When I'm not writing I'm exploring new places, eating new foods, and generally trying to be a decent human.

  • yes I got success to earn Ninty Eight Thousand Five Hundred and Sixty Seven dollars.I heard of this job six calender months back and a pair of months back I surely tried out and I got paid such a significant bucks. It is very promising for me and my family.My friends are skeptical to look at how I settled my Lifestyle in few days. Thank you so much GOD for all this….You can as well take home such a great amount of funds, if you have a computer system and web connection at your home. Extra complex information are not required to work on this job. I am Liking it and you will also like it and also you will not pardon yourself if you not at all visit the info >>>>>> GOCHIURL.COM/15d9c